Switch web API/permission code to use IsOriginSecure() instead of SchemeIsSecure().

components/autofill/content/browser/wallet/wallet_service_url_unittest.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/command_line.h"
 #include "components/autofill/content/browser/wallet/wallet_service_url.h"
 #include "components/autofill/core/common/autofill_switches.h"
 #include "content/public/common/content_switches.h"
+#include "content/public/common/origin_util.h"
 #include "testing/gtest/include/gtest/gtest.h"
 #include "url/gurl.h"
 
 namespace autofill {
 namespace wallet {
 
 TEST(WalletServiceSandboxUrl, CheckSandboxUrls) {
   base::CommandLine::ForCurrentProcess()->AppendSwitchASCII(
       switches::kWalletServiceUseSandbox, "1");
 
@@ skipping 89 matching lines @@
   const GURL fake_service_url = GURL("http://goo.gl");
   command_line->AppendSwitchASCII(switches::kWalletServiceUrl,
                                   fake_service_url.spec());
 
   const GURL flag_get_items_url = GetGetWalletItemsUrl(0);
   EXPECT_NE(sandbox_get_items_url, flag_get_items_url);
   EXPECT_EQ(fake_service_url.GetOrigin(), flag_get_items_url.GetOrigin());
 }
 
 TEST(WalletServiceUrl, IsSignInContinueUrl) {
-  EXPECT_TRUE(GetSignInContinueUrl().SchemeIsSecure());

[Dan Beam, 2015/05/07 20:50:53]

the intent of this is to ensure the transmission of data is encrypted.
IsOriginSecure() does not require this, as far as I can tell.

[lgarron, 2015/05/07 20:55:33]

Is the intent to ensure that it is literally encrypted (using HTTPS/WSS), or
that it is trusted as much as an encrypted connection?

IsOriginSecure() is meant to capture the latter, but SchemeIsCryptographic() is
appropriate for the former.

[palmer, 2015/05/07 20:57:10]

Correct: |IsOriginSecure| will also return true for origins that are not
cryptographically protected, and for which that does not matter:
http://localhost, extension URLs, and so on.

It might be that we should say

    EXPECT_TRUE(GetSignInContinueUrl().SchemeIsCryptographic());

here instead. (|SchemeIsCryptographic| is the more precisely-defined replacement
for |SchemeIsSecure|.)

[Dan Beam, 2015/05/07 20:58:29]

it'd probably allow http:// trusted origins as well, no?
yep

[lgarron, 2015/05/07 21:08:32]

It allows HTTP origins if the host is localhost, or if the user has passed an
explicit commandline flag to trust it.

Given your concern, it seems that SchemeIsSecure() is safe. Since it's in a
test, no one should need this to work for localhost or with a special override.
I've made the change in the latest patch.

+  EXPECT_TRUE(IsOriginSecure(GetSignInContinueUrl()));
 
   base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
   command_line->AppendSwitchASCII(switches::kWalletServiceUseSandbox, "1");
 
   // authuser query param is respected.
   const char sign_in_url[] = "https://wallet-web.sandbox.google.com/online/v2/"
       "u/0/passiveauth?isChromePayments=true&authuser=4";
   size_t user_index = 100;
   EXPECT_TRUE(IsSignInContinueUrl(GURL(sign_in_url), &user_index));
   EXPECT_EQ(4U, user_index);
@@ skipping 21 matching lines @@
   EXPECT_TRUE(IsSignInRelatedUrl(GetSignInUrl(0)));
   EXPECT_TRUE(IsSignInRelatedUrl(GetAddAccountUrl()));
   EXPECT_TRUE(IsSignInRelatedUrl(GURL("https://accounts.youtube.com")));
   EXPECT_TRUE(IsSignInRelatedUrl(GURL("https://accounts.youtube.com/")));
   EXPECT_TRUE(IsSignInRelatedUrl(GURL("https://accounts.google.com")));
   EXPECT_FALSE(IsSignInRelatedUrl(GURL("http://google.com")));
 }
 
 }  // namespace wallet
 }  // namespace autofill